These days, most enterprise application development teams regularly incorporate open source code into their applications. Keeping track of all that code and any security vulnerabilities it includes can be very difficult. To help with that problem, Black Duck Software has launched a new security-focused development tool called Black Duck Hub.
"Most companies do not have an automated mechanism to identify new open source as it enters a code base," said explained Black Duck's Bill Ledingham. "Moreover, they are unable to determine the actual risk and impact from vulnerabilities. Without this knowledge, companies have no way to triage and track vulnerability remediation efforts over time. The Black Duck Hub helps security and development teams identify and mitigate open source related risks across an application portfolio."